11/11/2015

The Forgotten Cyberthreat

by Neil Farquharson

In case you missed it, The New York Times published a great piece over the weekend, The Cyberthreat Under the Street, and it turns out there are bigger threats living beneath our streets than sewer rats or the tall tale of an alligator. The piece begins its report with the statistic that there have been 16 fiber cuts in the San Francisco Bay Area in the past year. What is a fiber cut exactly? In this case, it was the severing of the fiber optic cables that supply telecommunications to the region — a region that happens to house Lawrence Livermore National Laboratory, an overseer of the nation’s nuclear weapons, numerous academic institutions and technology companies — that resulted in the inability to make mobile or landline calls, send texts or emails and a complete Internet outage.

As cybersecurity and the constant string of data breaches have commanded national headlines, we seem to have forgotten the physical infrastructure that supports the intangible cloud and the valuable data it carries. We may talk about the Internet in terms of wireless and hotspots, but it relies on physical cables that are vulnerable to attack. So vulnerable that anyone could go down a manhole to gain access.

According to security experts and networking engineers, the real vulnerabilities lie at Internet exchange points (I.X.P.s), the locations where networks converge. In total, there are about 80 I.X.P.s in the United States, with only a few serving as vital intersections for domestic and international traffic coming from undersea cables. Many of these I.X.P.s are housed in extremely vulnerable locations, some actually located in older buildings that lack security. What’s even more shocking is the fact that it’s possible to lease adjacent office space within these very buildings.

“I guess it’s a hide-in-plain-sight strategy,” said Jim Poole, vice president for global providers for Equinix, another company that owns I.X.P.s (some more protected than others). “I would hazard a guess that if an I.X.P. is not very secure, they are probably so obscure no one would know they were there.”

With these cables left vulnerable and exposed, how easy would it be to tap into them and steal data? As it turns out, not too hard by way of a man-in-the-middle attack, something we have discussed frequently on this blog. A man-in-the-middle attack is a way to intercept Internet traffic while in transit. And if that traffic happens to be unencrypted, it is open season for any motivated hacker. We were able to demonstrate such an attack with notorious hacker Kevin Mitnick, and all it took was a $400 fiber tap.

https://www.youtube.com/watch?v=FH3sxFl-4is

While there isn’t a detailed map in existence (that we know of) tracking the Internet’s complex network of highways and byways to show clear locations, Paul Barford, a professor of computer science at the University of Wisconsin, recently completed a map of the United States’ long-haul Internet infrastructure — a four-year effort. To qualify as long-haul, a cable must stretch at least 30 miles and connect population centers of at least 100,000 people, which covers basically anything from a suburban city up to a major metropolitan area.

“What we’re trying to avoid is giving bad guys a map to do bad things,” Professor Barford said. “Now that we can see the possible pinch points in the U.S., we are looking at ways to mitigate them.”

We see your point, Professor Barford, but until there is more security in place, it would greatly benefit companies to ensure that their communications are encrypted once they leave their network.